
Vulnerabilities with Remediation

Hackazon

App Name: Hackazon
Scan Config: recommended-hackazon
Scan Date: 03/06/23 2:33 AM
Report Generated: 03/06/23 3:18 AM

Duration of Scan: 43m 33s
Scan Completed: 03/06/23 3:17 AM
Crawled Links: 61
Logged Out
Vulnerabilities Discovered: 173
Attacks Performed: 42797

Vulnerabilities by Severity (chart): High 2, Medium 15, Low 63, Informational 93, Safe 0

SessionStrength (1)

References

OWASP2021-A02, CWE-330, OWASP2017-A2

Description

Session tokens that exhibit low entropy ("randomness") are often susceptible to prediction attacks. Insecure tokens can result from an inadequate pseudo-random number generator, time-based values, static values, or values derived from user attributes (username or user ID). This means that an attacker could guess a valid session token after monitoring the application for a short period of time and gathering the session tokens it creates. If the attacker determines a valid session token for another user, then it may be possible to view, modify, or delete arbitrary users' data without having to guess the victim's username or password. Consequently, the ability to deduce valid session tokens enables the attacker to bypass login pages and obviates the need to brute-force accounts.
Additionally, static tokens enable the attacker to target users even when the victim is not currently logged into the application, which increases the pool of victims the attacker can target.

Session tokens should be created with a strong random number generator and drawn from a large pool of values. For example, an operating system's rand() function can usually be sufficient if it produces 32-bit values with a statistically uniform distribution. Poor session tokens are incremental, rely on the user's account ID, use only timestamps, or contain other highly deterministic information. Other measures that protect a session token are to always transmit it over SSL, to automatically expire the token after a certain period of time, and to explicitly expire the token whenever a user logs out of the application.

Recommendation

If the session values exhibit strong randomness, but are chosen from a small pool of values, then the attacker has a better chance of simply guessing a valid token. A web application's session management can be improved by implementing several complementary techniques:

  • Make sure that the token values are at least 32 bits in size, especially for applications with large numbers of concurrent users and high volumes of daily page requests.
  • The bit size of the entropy source (the random values) matters more than the bit size of the resulting session token. For example, an MD5 hash produces a 128-bit value. However, the MD5 hash of incremental values, a timestamp, or 8-bit random numbers is insecure in each case because the source of the random values can be easily predicted. Consequently, the 128-bit size does not accurately measure the strength of the session token. The minimum size of the entropy source is 32 bits, although larger pools (48 or 64 bits) may be necessary for sites with over 10,000 concurrent users per hour.
  • In most cases, framework-generated tokens (e.g. ASP.NET_SessionId, ASPSESSIONID, JSPSESSIONID, PHPSESSIONID) provide sufficiently large random values to prevent session prediction attacks. The application should use these session management algorithms unless a custom session mechanism has been thoroughly reviewed and tested.
  • Track the user attributes associated with a session token in server-side objects to prevent user impersonation attacks. If the application does not strictly associate a user's session token with that user's profile information, then an attacker may be able to view arbitrary information by manipulating client-side values. For example, if the application sets a strong session token but performs SQL queries based on a "UserId" cookie, then an attacker only needs to modify the "UserId" cookie to impersonate someone else. The application would be more secure if it associated the "UserId" value with the server-side session object, because the attacker would then not be able to modify the value.
  • Expire session tokens when the user logs out of the application or after a predetermined period of inactivity. We recommend a 20 minute timeout for a session token, although this largely depends on the type of application and the expected usage.

CVSS Score

5.1 (Medium)

Vector String

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

http://hackazon.webscantest.com/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: HIGH

Attack Type | Original Value | Attack Value | Proof | Proof Description
SessionStrength | | | CookieName=NB_SRVID; CookieDomain=hackazon.webscantest.com; CookiePath=/; CookieSecure=false; CookieHttpOnly=false; SessionStrengthCookieCount=1355; UniqueSessionStrengthCookieCount=2; TheoreticalMaximumEntropy=1.00; EffectiveEntropy=0.00; SignificanceLevel=0.01; EstimatedStrength=0.00; CharacterLevelPValueSummary=[0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000]; CharacterSetSize=[1.0000,1.0000,1.0000,1.0000,1.0000,1.0000,1.0000,1.0000,1.0000,1.0000,2.0000]; BitLevelPValueSummary=[0.0000]; UsableBitsOfEntropy=[0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,0.0000,1.0000] |

FormBruteForce (1)

References

OWASP2021-A07, CWE-287, OWASP2017-A2

Description

A valid username and password combination was discovered for the application.
Default passwords and trivial passwords expose an application to unauthorized access.
If a user chooses a very insecure password, then that user's account information can be compromised and the account can be used to attempt to compromise the application.

Recommendation

Enforce a strong password security policy.

  1. Require that all passwords have a suitable minimum length.
  2. Require that all passwords have a suitable complexity, using mixed-case alphanumeric content.
  3. Require that all passwords expire periodically and have suitable rules for re-use of previously expired passwords.

CVSS Score

7 (High)

Vector String

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:X/RL:X/RC:R

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: password / 2 Attack Variances)
Severity: HIGH

Attack Type | Original Value | Attack Value | Proof | Proof Description
FormBruteForce | x75uzqtz%24 | Username=admin and Password=123456 | logout | Logged in state was detected with the regex match 'logout'
FormBruteForce | x75v8o0f%24 | Username=admin and Password=123456 | logout | Logged in state was detected with the regex match 'logout'

Credentials Over Un Encrypted Channel (14)

References

CWE-523, OWASP2021-A02, OWASP2017-A3

Description

Sending credentials over HTTP

Recommendation

Credentials or sensitive data are transmitted without encryption, so a malicious user on the network path could read them by simply sniffing traffic with a tool like Wireshark. HTTPS ensures that data is sent through an encrypted channel and is not readable by other parties.

CVSS Score

2.8 (Low)

Vector String

AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:X/RL:X/RC:R

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: / 3 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" class="signin" method="POST" action="/user/login?return_url= " id="loginPageForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" class="signin" method="POST" action="/user/login?return_url= " id="loginPageForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/cart/view
Root Cause: (Parameter: / 2 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/user/terms
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 2 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: / 3 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/register" id="registerForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/register" id="registerForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/category/view
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/search/page/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/wishlist/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/review/send
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/bestprice
Root Cause: (Parameter: / 1 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/search
Root Cause: (Parameter: / 2 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: / 2 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site
Credentials Over Un Encrypted Channel | | | <form role="form" method="post" class="signin" action="/user/login" id="loginForm"> | The form action points to an HTTP site

XSS (1)

References

OWASP2017-A7, OVAL-6312, CAPEC-63, OWASP2021-A03, CWE-80

Description

Reflected Cross-site Scripting (XSS) is another name for non-persistent or Type-II XSS, in which the attack payload is not stored by the vulnerable web application but is instead delivered when the victim loads the offending URI.

Recommendation

Reflected XSS attacks are the most frequent type of XSS attacks found nowadays.

When a web application is vulnerable to this type of attack, it echoes unvalidated request input back to the client. Reflected attacks are delivered to the victim in various ways, such as in an e-mail message or through a specially crafted URI. When a user is tricked into clicking the malicious link, the injected code travels to the vulnerable web site, which reflects the attack back to the user's browser. The browser then executes the offending code because it came from a "trusted" server.

Commonly the attacker's code is written in JavaScript, but other scripting languages are also used, e.g., ActionScript and VBScript.

Attackers typically leverage these vulnerabilities to install key loggers, steal victim cookies, perform clipboard theft, and change the content of the page (e.g., download links).

To remediate reflected XSS vulnerabilities, strict filtering of HTML-significant characters must be applied consistently across all character encodings. In some cases, the web application filters some encodings but not others: for example, it may filter out "<script>" but not "%3Cscript%3E", which is simply another encoding of the same tag. A useful tool for testing character encodings is OWASP's CAL9000.

Filtering all information sent to the server via form POST/GET and URL query parameters, with particular emphasis on filtering out HTML-specific characters, is advised.

CVSS Score

6.3 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:H/RL:X/RC:C

http://hackazon.webscantest.com/search
Root Cause: (Parameter: searchString / 3 Attack Variances)
Severity: MEDIUM

Attack Type | Original Value | Attack Value | Proof | Proof Description
XSS | water%F6 | water"><script>alert(3940657)</script> | <script>alert(3940657)</script> | 3940657
XSS | water%F6 | <img """><script>alert("x7gsaupz")</script>"> | <script>alert("x7gsaupz")</script | x7gsaupz
XSS | water%F6 | water"><script>alert(3985776)</script> | <script>alert(3985776)</script> | 3985776

HTTPSEverywhere (45)

References

CWE-319, OWASP2021-A02

Description

Unencrypted HTTP connections create a vulnerability and expose potentially sensitive information about users. This data can include browser identity, website content, search terms, and other user-submitted information. To address these concerns, many commercial organizations have already adopted HTTPS-only policies to protect visitors to their websites and services.

Recommendation

All networks, both external and internal, must use TLS or an equivalent transport layer security mechanism for all communication. By always using HTTPS, web services do not have to make a subjective judgment call about what is sensitive. This leaves less room for error and makes deployment simpler and more consistent.

CVSS Score

2.8 (Low)

Vector String

AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

http://hackazon.webscantest.com/css/nivo-themes/light/light.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/ekko-lightbox.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/products_pictures/Cricut_Explore_Electronic_Cutting_Machine_with_Cricut_Design_Spa_small_02b7b9.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/images/banner_02-v3.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/cart/add
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | Location: /cart/view | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | Location: /cart/view | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | Location: /cart/view | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/swf/playerProductInstall.swf
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/products_pictures/Oral_B_Pro_Health_Clinical_Pro_Flex_Medium_Toothbrush_2_Count_small_1b0af6.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/review/send
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | Location: /product/view?id=45 | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 400 Bad | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | Location: /product/view?id=122 | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/category/view
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/amf/services.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/json3.min.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/ekko-lightbox.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/products_pictures/AmazonBasics_2_Port_USB_Car_Charger_with_2_1_Amp_Total_Output_Bl_small_a7b4a8.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/jquery-1.10.2.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/products_pictures/Oxiclean_Versatile_Stain_Remover_small_326ba6.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/search/page/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 404 Not | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/koExternalTemplateEngine_all.min.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/knockout-2.2.1.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: / 2 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/subcategory.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/nivo-slider.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: / 2 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/jquery-migrate-1.2.1.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/modern-business.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/bootstrapValidator.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/user/terms
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/js/bootstrapValidator.min.js
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/cart/view
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/products_pictures/Febreze_Noticeables_Gain_Original_Air_Freshener_Refill_small_6cff33.jpg
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/bestprice
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | Location: /bestprice | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/twitter
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/search
Root Cause: (Parameter: / 2 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/wishlist/
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/star-rating.min.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: / 3 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/nivo-themes/bar/bar.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/bootstrap.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/font-awesome/css/font-awesome.min.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/sidebar.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/site.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/ladda-themeless.min.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

http://hackazon.webscantest.com/css/modern-business.css
Root Cause: (Parameter: / 1 Attack Variances)
Severity: LOW

Attack Type | Original Value | Attack Value | Proof | Proof Description
HTTPSEverywhere | | | HTTP/1.1 200 OK | HTTP site must redirect to HTTPS site

CSPHeaders (2)

References

OWASP2017-A5, OWASP2021-A05, CWE-16

Description

The Content Security Policy has not been declared properly, either through the meta tag or the response header, so the browser's trust in the content received from the server can be exploited. Malicious scripts are executed by the victim's browser because the browser trusts the source of the content, even when it is not coming from where it appears to come from.

Recommendation

The Content-Security-Policy HTTP response header helps reduce XSS risks on modern browsers by declaring, in an HTTP header, which dynamic resources are allowed to load. CSP makes it possible for server administrators to reduce or eliminate the vectors by which XSS can occur by specifying the domains that the browser should consider valid sources of executable scripts. A CSP-compatible browser will then only execute scripts loaded from source files received from those allowlisted domains, ignoring all other script (including inline scripts and event-handling HTML attributes).

CVSS Score

3.8 (Low)

Vector String

AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:X/RC:R

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:58 GMT Pragma: no-cache Content-Length: 6311 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 6142 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:04 GMT Pragma: no-cache Content-Length: 6142 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 4326 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:06 GMT Pragma: no-cache Content-Length: 4422 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

Attack Type: CSPHeaders
Proof: HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:03 GMT Pragma: no-cache Content-Length: 4422 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: Missing HTTP header "Content-Security-Policy"

AutocompleteAttributeCheck (2)

References

OWASP2017-A6OWASP2021-A05

Description

HTML forms are a key component of exchanging information between a user and the server.
Autocomplete is a browser feature that remembers what you entered in previous text form fields with the same name.
For example, if a field is named 'name' and you have entered several variants of your name in other fields named 'name', autocompletion offers those values in a dropdown.

Recommendation

Password autocomplete should always be disabled, especially in sensitive applications, since an attacker who can access the browser cache could easily obtain the password in cleartext (public computers are a notable example of this attack).
You can turn it off by setting the autocomplete attribute to off:
<input autocomplete="off" name="oPassword" type="password">

CVSS Score

1.8 (Low)

Vector String

AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="5" value="x75zzjnm$">

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="5" value="">

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password_confirmation" id="password_confirmation" class="form-control input-lg" placeholder="Confirm Password" tabindex="6" value="">

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password" class="form-control input-lg" placeholder="Password" id="password">

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password" class="form-control input-lg" placeholder="Password" id="password">

Attack Type: AutocompleteAttributeCheck
Proof: <input type="password" maxlength="100" required name="password" class="form-control input-lg" placeholder="Password" id="password">

Clients Cross-Domain Policy (1)

References

CWE-942CAPEC-182OWASP2021-A05

Description

A cross-domain policy file specifies the permissions that a web client such as Java, Adobe Flash, Adobe Reader, etc. uses to access data across different domains. For Silverlight, Microsoft adopted a subset of Adobe's crossdomain.xml and additionally created its own cross-domain policy file, clientaccesspolicy.xml. Whenever a web client detects that a resource has to be requested from another domain, it first looks for a policy file in the target domain to determine whether cross-domain requests, including headers and socket-based connections, are allowed. Master policy files are located at the domain's root. A client may be instructed to load a different policy file, but it will always check the master policy file first to ensure that the master policy file permits the requested policy file.

Recommendation

There are several recommendations to consider before deploying a cross-domain policy file:

  • Carefully evaluate which sites will be allowed to make cross-domain calls. Consider network topology and any authentication mechanisms that will be affected by the configuration or implementation of the cross-domain policy.
  • Limit the scope of the cross-domain policy to only the desired functionality by creating subdomains or virtual directories containing shared functionality.
  • Review any XSRF prevention mechanisms to see if they may be affected by allowing cross-domain data loading.

CVSS Score

5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:R

http://hackazon.webscantest.com/
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Clients Cross-Domain Policy
Proof: http://hackazon.webscantest.com/crossdomain.xml
Proof Description: The policy uses a global wildcard for the request headers allowance. The policy uses a global wildcard for the client domain.

Sensitive Data Over Un Encrypted Channel (5)

References

CWE-319OWASP2021-A02OWASP2017-A3

Description

Sending sensitive data over HTTP

Recommendation

Credentials or other sensitive data are transmitted without encryption, so a malicious user could read users' sensitive data simply by sniffing the network with a tool like Wireshark. The HTTPS protocol ensures that data is sent through an encrypted channel and is not readable by third parties.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/bestprice
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Sensitive Data Over Un Encrypted Channel
Proof: <form role="form" method="post" action="/bestprice" id="bestpriceForm">
Proof Description: The form action points to an HTTP site

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Sensitive Data Over Un Encrypted Channel
Proof: <form role="form" method="post" class="signin" action="/user/register" id="registerForm">
Proof Description: The form action points to an HTTP site

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Sensitive Data Over Un Encrypted Channel
Proof: <form role="form" method="post" action="/faq" id="faqForm">
Proof Description: The form action points to an HTTP site

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Sensitive Data Over Un Encrypted Channel
Proof: <form class="form-horizontal js-review-form" role="form" method="POST" action="/review/send" id="sendForm">
Proof Description: The form action points to an HTTP site

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: Sensitive Data Over Un Encrypted Channel
Proof: <form role="form" method="POST" id="contactForm" class="form-horizontal hw-form-contact">
Proof Description: The form action points to an HTTP site

FormReSubmission (4)

References

CWE-319OWASP2021-A02OWASP2017-A3

Description

When a web form is submitted to a server through an HTTP POST request, a web user that attempts to refresh the server response in certain user agents can cause the contents of the original HTTP POST request to be resubmitted, possibly causing undesired results, such as a duplicate web purchase.

Recommendation

To avoid this problem, many web developers use the PRG pattern: instead of returning a web page directly, the POST operation returns a redirection command.
Post/Redirect/Get (PRG) is a web development design pattern that prevents some duplicate form submissions, creating a more intuitive interface for user agents (users). PRG implements bookmarks and the refresh button in a predictable way that does not create duplicate form submissions.

CVSS Score

3.3 (Low)

Vector String

AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:X/RC:X

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: / 2 Attack Variances)
LOW

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: FormReSubmission
Proof: HTTP/1.1 200 OK

InformationLeakage (1)

References

OWASP2017-A6OWASP2021-A01CWE-201

Description

Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack. An information leak occurs when system data or debugging information leaves the program through an output stream or logging function.

Recommendation

Depending upon the system configuration, this information can be dumped to a console, written to a log file, or exposed to a remote user. In some cases the error message tells the attacker precisely what sort of an attack the system will be vulnerable to.
For example, a database error message can reveal that the application is vulnerable to a SQL injection attack. Other error messages can reveal more oblique clues about the system.
In the example above, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/search
Root Cause: (Parameter: / 3 Attack Variances)
LOW

Attack Type: InformationLeakage
Proof: <input type="hidden" name="price-filter" id="price-2" value="2" data-type="filter-param" />

Attack Type: InformationLeakage
Proof: <input type="hidden" name="price-filter" id="price-3" value="3" data-type="filter-param" />

Attack Type: InformationLeakage
Proof: <input type="hidden" name="price-filter" id="price-1" value="1" active data-type="filter-param" />

HttpOnlyAttribute (2)

References

CWE-79OWASP2017-A7CAPEC-21OWASP2021-A05

Description

The HttpOnly attribute directs browsers to use cookies via the HTTP protocol only. An HttpOnly cookie is not accessible via non-HTTP methods, such as calls via JavaScript (e.g., referencing "document.cookie"), and therefore cannot be stolen easily via cross-site scripting (a pervasive attack technique).

Recommendation

If the HttpOnly flag (optional) is included in the HTTP response header, the cookie cannot be accessed through client side script (again if the browser supports this flag). As a result, even if a cross-site scripting (XSS) flaw exists, and a user accidentally accesses a link that exploits this flaw, the browser (primarily Internet Explorer) will not reveal the cookie to a third party.

CVSS Score

4.1 (Medium)

Vector String

AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:F/RL:X/RC:C

http://hackazon.webscantest.com/
Root Cause: (Parameter: Set-Cookie: PHPSESSID / 2 Attack Variances)
LOW

Attack Type: HttpOnlyAttribute
Original Value: Set-Cookie: PHPSESSID=m41sk1g5lom3bi2sd1jkr9mk86; path=/
Proof: Set-Cookie: PHPSESSID=m41sk1g5lom3bi2sd1jkr9mk86; path=/

Attack Type: HttpOnlyAttribute
Original Value: Set-Cookie: NB_SRVID=srv36155888; path=/
Proof: Set-Cookie: NB_SRVID=srv36155888; path=/

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: Set-Cookie: visited_products / 1 Attack Variances)
INFORMATIONAL

Attack Type: HttpOnlyAttribute
Original Value: Set-Cookie: visited_products=%2C45%2C122%2C; expires=Tue, 05-Mar-2024 02:35:05 GMT; Max-Age=31536000; path=/
Proof: Set-Cookie: visited_products=%2C45%2C122%2C; expires=Tue, 05-Mar-2024 02:35:05 GMT; Max-Age=31536000; path=/

SameSiteAttribute (1)

References

OWASP2017-A7CWE-614CAPEC-21OWASP2021-A05

Description

The SameSite attribute restricts the browser from sending cookies in certain cross-site requests. This can provide protection against cross-origin information leakage and cross-site request forgery attacks. When set to "strict", the cookie will be sent with same-site requests only. When set to the default value of "lax", the cookie will be withheld on cross-site sub-requests (e.g. load images), but will be sent on any top-level navigation to a URL from an external site (e.g. following a link).

Recommendation

The SameSite attribute, with a value of "strict" or "lax", should be used for any session cookie (or any cookie that contains sensitive information) that may be sent in a cross-site request. Be aware that when using a value of "lax", such cookies will still be sent on cross-site requests from web forms that use the GET method. Using a value of "strict" protects against this but may reduce usability. By considering the context in which the cookie will be used and how sensitive its contents are, the value can be chosen accordingly. Note also that the SameSite attribute does not provide complete protection against cross-site attacks; it should therefore be used in conjunction with CSRF tokens and other measures to provide good protection.

CVSS Score

4.1 (Medium)

Vector String

AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:F/RL:X/RC:C

http://hackazon.webscantest.com/
Root Cause: (Parameter: Set-Cookie: PHPSESSID / 2 Attack Variances)
LOW

Attack Type: SameSiteAttribute
Original Value: Set-Cookie: NB_SRVID=srv36155888; path=/
Proof: Set-Cookie: NB_SRVID=srv36155888; path=/

Attack Type: SameSiteAttribute
Original Value: Set-Cookie: PHPSESSID=m41sk1g5lom3bi2sd1jkr9mk86; path=/
Proof: Set-Cookie: PHPSESSID=m41sk1g5lom3bi2sd1jkr9mk86; path=/

CSRF (1)

References

OWASP2021-A01CAPEC-62CWE-352

Description

Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains a malicious request. It is malicious in the sense that it inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf, such as changing the victim's e-mail address, home address, or password, or purchasing something. CSRF attacks generally target functions that cause a state change on the server but can also be used to access sensitive data.
For most sites, browsers will automatically include with such requests any credentials associated with the site, such as the user's session cookie, basic auth credentials, IP address, Windows domain credentials, etc. Therefore, if the user is currently authenticated to the site, the site will have no way to distinguish this from a legitimate user request.
In this way, the attacker can make the victim perform actions that they didn't intend to, such as logout, purchase item, change account information, retrieve account information, or any other function provided by the vulnerable website.
Sometimes, it is possible to store the CSRF attack on the vulnerable site itself. Such vulnerabilities are called Stored CSRF flaws. This can be accomplished by simply storing an IMG or IFRAME tag in a field that accepts HTML, or by a more complex cross-site scripting attack. If the attack can store a CSRF attack in the site, the severity of the attack is amplified. In particular, the likelihood is increased because the victim is more likely to view the page containing the attack than some random page on the Internet. The likelihood is also increased because the victim is sure to be authenticated to the site already.
Synonyms: CSRF attacks are also known by a number of other names, including XSRF, "Sea Surf", Session Riding, Cross-Site Reference Forgery, Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and many places in their online documentation.

Recommendation

Web sites have various CSRF countermeasures available:

  • Requiring a secret, user-specific token in all form submissions and side-effect URLs prevents CSRF; the attacker's site cannot put the right token in its submissions
  • Requiring the client to provide authentication data in the same HTTP Request used to perform any operation with security implications (money transfer, etc.)
  • Limiting the lifetime of session cookies
  • Ensuring that there is no clientaccesspolicy.xml file granting unintended access to Silverlight controls
  • Ensuring that there is no crossdomain.xml file granting unintended access to Flash movies

An easy and effective solution is to use a CSRF filter such as OWASP's CSRFGuard. The filter intercepts responses, detects whether the response is an HTML document, inserts a token into the forms and optionally inserts script to add tokens to AJAX calls. The filter also intercepts requests to check that the token is present.

CVSS Score

3.8 (Low)

Vector String

AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:F/RL:X/RC:U

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: / 1 Attack Variances)
LOW

Attack Type: CSRF
Original Value: _csrf_faq=VZIFA9flc1CAtVZor70PfuzYSrDjZapZ
Proof Description: The server returned the same response to an attack request as original response.

JavaScriptLeaks (2)

References

No references are available for this vulnerability.

Description

Global variables are easily leaked in JavaScript. Consider the following JavaScript code, run in the default, non-strict mode:

      function f() {
        // No var/let/const: in non-strict mode this assignment silently
        // creates a global named Token instead of a local variable.
        Token = 1;
      }
      f();
      // Token is still reachable here because it leaked into the global scope.
      console.log("I can still see Token: " + Token);

The default, non-strict mode allows some relatively "unsafe" actions to be taken, and it allows some code mistakes that make it difficult for JavaScript engines to perform optimizations.

Recommendation

To prevent these mistakes, add 'use strict'; at the beginning of your JavaScript files. This enables a stricter mode of parsing JavaScript that prevents accidental globals. Strict mode makes several changes to normal JavaScript semantics. First, it prevents, or throws errors on, relatively "unsafe" actions. Second, strict mode eliminates some silent JavaScript errors by changing them to throw errors.

CVSS Score

0

http://hackazon.webscantest.com/category/view?id=4
Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: JavaScriptLeaks
Proof: ko
Proof Description: Variable "ko" in javascript code "this.ko=b);" found at Url "http://hackazon.webscantest.com/js/knockout-2.2.1.js"

Attack Type: JavaScriptLeaks
Proof: infuser
Proof Description: Variable "infuser" in javascript code "infuser={storageOptions:{hash:hashStorage," found at Url "http://hackazon.webscantest.com/js/koExternalTemplateEngine_all.min.js"

http://hackazon.webscantest.com/js/json3.min.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: JavaScriptLeaks
Proof Description: Javascript "strict mode" is not defined.

HTTPHeaders (24)

References

CWE-79

Description

The encoding has not been declared through the meta tag, the byte-order mark or the header, so the browser will attempt to detect the document's encoding. This exploit only works if the document reflects user input and the browser can be tricked into interpreting the page as UTF-7 instead of UTF-8. Some browsers actually support UTF-7.

Recommendation

Add X-Content-Type-Options response header to all responses:
X-Content-Type-Options: nosniff

Always declare the character encoding of all text documents (html, text, stylesheet, javascript, xml). Use the HTTP header if you can. Always use an in-document declaration too.
You can use @charset or HTTP headers to declare the encoding of your style sheet, but you only need to do so if your style sheet contains non-ASCII characters and, for some reason, you can't rely on the encoding of the HTML and the associated style sheet to be the same.
Try to avoid using the byte-order mark in UTF-8, and ensure that your HTML code is saved in Unicode normalization form C (NFC).

CVSS Score

0

http://hackazon.webscantest.com/css/subcategory.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/nivo-slider.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/bootstrapValidator.min.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/jquery-1.10.2.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/twitter
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/html
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/modern-business.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/ekko-lightbox.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/nivo-themes/light/light.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/jquery-migrate-1.2.1.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/font-awesome/css/font-awesome.min.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/modern-business.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/nivo-themes/bar/bar.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/ekko-lightbox.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/knockout-2.2.1.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/json3.min.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/koExternalTemplateEngine_all.min.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/bootstrapValidator.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/js/amf/services.js
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/javascript
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/swf/playerProductInstall.swf
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: application/x-shockwave-flash
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/star-rating.min.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/ladda-themeless.min.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/bootstrap.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/site.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

http://hackazon.webscantest.com/css/sidebar.css
Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack Type: HTTPHeaders
Proof: Content-Type: text/css
Proof Description: The Content-Type HTTP header is missing charset attribute

XPoweredByHeader (17)

References

OWASP2017-A6OWASP2021-A01CWE-201

Description

The X-Powered-By HTTP header reveals the server configuration.

Recommendation

Remove the header.

CVSS Score

0

http://hackazon.webscantest.com/search
Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

http://hackazon.webscantest.com/bestprice
Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

Attack Type: XPoweredByHeader
Proof: x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Powered-By HTTP response header found.

http://hackazon.webscantest.com/review/sendRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/product/viewRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/facebookRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/user/termsRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/user/loginRoot Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/cart/addRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/cart/viewRoot Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/twitterRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/faqRoot Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/category/viewRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/user/registerRoot Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/search/page/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

http://hackazon.webscantest.com/wishlist/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
XPoweredByHeaderx-powered-by: PHP/5.5.9-1ubuntu4.29The X-Powered-By HTTP response header found.
Original Traffic
Open

ServerTypeDisclosure (1)

References

OWASP2017-A6OWASP2021-A01CWE-497

Description

Default configurations of web servers often provide too much information about their platform and version in HTTP headers and on error pages. This data is not itself dangerous, but it can help an attacker focus on vulnerabilities associated with your specific web server platform/version.

Recommendation

Configure your web server to avoid having it announce its own details.

In Apache Web Server, the following configuration directives should be added to the config file:

  • ServerSignature Off
  • ServerTokens Prod

In Microsoft IIS/10.0 Web Server, add the "removeServerHeader" attribute to the "requestFiltering" element inside the "security" configuration section of the web.config file:

  • <requestFiltering removeServerHeader="true" />

http://hackazon.webscantest.com/ Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: ServerTypeDisclosure
Original Value: http://hackazon.webscantest.com/
Attack Value: http://hackazon.webscantest.com/aaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbthbbbbbbbbbbbbb.bbbbbbb
Proof: Server: Apache/2.4.7 (Ubuntu)
Replay Attack: Original Traffic, Attack Traffic

Attack Type: ServerTypeDisclosure
Proof: Server: Apache/2.4.7 (Ubuntu)
Replay Attack: Original Traffic

Attack Type: ServerTypeDisclosure
Proof: Server: Apache/2.4.7 (Ubuntu)
Replay Attack: Original Traffic

SensitivePersonalInformation (14)

References

No references are available for this vulnerability.

Description

Web form collects personal information.

Recommendation

If the collection of personal information is not required and violates a policy directive, do not collect it.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/search Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/category/view Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/user/login Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" class="form-control input-lg" id="username" placeholder="Username or Email" value="x75v8o0e">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" class="form-control input-lg" placeholder="Password" id="password">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/user/register Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="5" value="">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" name="username" id="username" required class="form-control input-lg" placeholder="Username" tabindex="3" value="">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/wishlist/ Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/faq Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="email" class="form-control" name="userEmail" id="userEmail" placeholder="Enter email" required data-validation="email">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/search/page/ Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/contact Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required class="form-control" placeholder="Username" name="contact_name" id="userName">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/cart/view Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" name="credit_card_number" id="creditCardField" value="" class="form-control" required pattern="^[\d-]+$" />
Replay Attack: Original Traffic

http://hackazon.webscantest.com/user/terms Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/product/view Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required class="form-control" placeholder="Name" name="userName" id="userName" value="">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/review/send Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/ Root Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

http://hackazon.webscantest.com/bestprice Root Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack Type: SensitivePersonalInformation
Proof: <input type="password" maxlength="100" required name="password" autocomplete="off" id="password" class="form-control input-lg" placeholder="Password" tabindex="5">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="email" class="form-control" name="userEmail" id="userEmail" placeholder="Enter email" required data-validation="email">
Replay Attack: Original Traffic

Attack Type: SensitivePersonalInformation
Proof: <input type="text" maxlength="100" required name="username" id="username" autocomplete="off" class="form-control input-lg" placeholder="Username or Email" tabindex="1">
Replay Attack: Original Traffic

X-Content-Type-Options (15)

References

CWE-693

Description

The only defined value, "nosniff", prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type; Google Chrome also honours it when downloading extensions. This reduces exposure to drive-by download attacks and to sites serving user-uploaded content that, through clever naming, could be treated by MSIE as executable or dynamic HTML files.

Recommendation

The X-Content-Type-Options HTTP response header indicates whether a browser may sniff a response away from the declared content-type. Send it with the value "nosniff" so that browsers honour the declared Content-Type instead of guessing one from the content.


http://hackazon.webscantest.com/bestpriceRoot Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:36:36 GMT Pragma: no-cache Content-Length: 4939 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:36:34 GMT Pragma: no-cache Content-Length: 4938 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:27 GMT Pragma: no-cache Content-Length: 4936 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:34:56 GMT Pragma: no-cache Content-Length: 8993 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Set-Cookie: PHPSESSID=m41sk1g5lom3bi2sd1jkr9mk86; path=/ Set-Cookie: NB_SRVID=srv36155888; path=/ Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/user/loginRoot Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:03 GMT Pragma: no-cache Content-Length: 4422 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 4326 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:06 GMT Pragma: no-cache Content-Length: 4422 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/review/sendRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:09 GMT Pragma: no-cache Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) x-powered-by: PHP/5.5.9-1ubuntu4.29 status: 400 Bad Request The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/category/viewRoot Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 4983 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:08 GMT Pragma: no-cache Content-Length: 4815 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 4973 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/user/termsRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:27 GMT Pragma: no-cache Content-Length: 5556 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/wishlist/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:25 GMT Pragma: no-cache Content-Length: 6948 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/contactRoot Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:04 GMT Pragma: no-cache Content-Length: 5860 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 5860 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/user/registerRoot Cause: (Parameter: / 2 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:27 GMT Pragma: no-cache Content-Length: 5076 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 4794 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/search/page/Root Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:27 GMT Pragma: no-cache Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) x-powered-by: PHP/5.5.9-1ubuntu4.29 status: 404 Not Found The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/product/viewRoot Cause: (Parameter: / 3 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:24 GMT Pragma: no-cache Content-Length: 8090 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Set-Cookie: visited_products=%2C45%2C122%2C20%2C49%2C; expires=Tue, 05-Mar-2024 02:35:24 GMT; Max-Age=31536000; path=/ Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:05 GMT Pragma: no-cache Content-Length: 7840 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Set-Cookie: visited_products=%2C45%2C122%2C; expires=Tue, 05-Mar-2024 02:35:05 GMT; Max-Age=31536000; path=/ Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:04 GMT Pragma: no-cache Content-Length: 7620 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Set-Cookie: visited_products=%2C45%2C; expires=Tue, 05-Mar-2024 02:35:04 GMT; Max-Age=31536000; path=/ Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/twitterRoot Cause: (Parameter: / 1 Attack Variances)
INFORMATIONAL

Attack TypeOriginal ValueAttack ValueProofProof DescriptionReplay Attack
X-Content-Type-OptionsCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:27 GMT Pragma: no-cache Content-Length: 163 Content-Type: text/html Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29 The X-Content-Type-Options HTTP response header, which only defined value is "nosniff", not found.
Original Traffic
Open

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:58 GMT Pragma: no-cache Content-Length: 6311 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:59 GMT Pragma: no-cache Content-Length: 6314 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:07 GMT Pragma: no-cache Content-Length: 6142 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

http://hackazon.webscantest.com/cart/view
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:37 GMT Pragma: no-cache Content-Length: 8111 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:37 GMT Pragma: no-cache Content-Length: 8111 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:34 GMT Pragma: no-cache Content-Length: 8108 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

http://hackazon.webscantest.com/search
Root Cause: (Parameter: /; 2 Attack Variances)
INFORMATIONAL

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:03 GMT Pragma: no-cache Content-Length: 5433 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic

Attack Type: X-Content-Type-Options
Proof: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 06 Mar 2023 02:35:05 GMT Pragma: no-cache Content-Length: 6805 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 19 Nov 1981 08:52:00 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding x-powered-by: PHP/5.5.9-1ubuntu4.29
Proof Description: The X-Content-Type-Options HTTP response header, whose only defined value is "nosniff", was not found.
Replay Attack: Original Traffic
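The check behind these X-Content-Type-Options rows, written out as an added example (this is not InsightAppSec's code and not part of Hackazon). It parses a raw header block like the one in the proof column, reports the header as missing, and also rejects values other than the single defined token "nosniff", since browsers ignore anything else (a typo such as "no-sniff" leaves MIME sniffing enabled). Because the same proof shows Server and x-powered-by banners with version numbers, the audit reports those too. The sample header block is the /search proof copied from this report; the function and constant names are this example's own.

```python
import re
from typing import Dict, List

# Response headers copied from the X-Content-Type-Options finding for
# http://hackazon.webscantest.com/search above. Constructed test input for
# this example: the values are those shown in the report's proof column.
SAMPLE_HEADERS = """\
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 06 Mar 2023 02:35:03 GMT
Pragma: no-cache
Content-Length: 5433
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
x-powered-by: PHP/5.5.9-1ubuntu4.29
"""

VERSION_RE = re.compile(r"/\d+(?:\.\d+)+")  # e.g. "Apache/2.4.7", "PHP/5.5.9"
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")


def parse_headers(raw: str) -> Dict[str, List[str]]:
    """Parse a raw header block into a multimap keyed by lower-cased name.

    Header names are case-insensitive (the report shows "x-powered-by" in
    lower case); repeated headers such as Set-Cookie keep every value.
    A leading status line and blank lines are skipped.
    """
    headers: Dict[str, List[str]] = {}
    for line in raw.splitlines():
        if not line.strip() or line.startswith("HTTP/"):
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue  # not "Name: value"; ignore stray text
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def audit_headers(raw: str) -> List[str]:
    """Return the findings a scanner would raise for these response headers.

    1. X-Content-Type-Options must be present and its first token must be
       "nosniff" (compared case-insensitively); that is the only value
       browsers honour, so a typo such as "no-sniff" leaves sniffing on.
    2. Server / X-Powered-By style banners that carry a version number are
       reported as version disclosure (both appear in the report's proof).
    """
    headers = parse_headers(raw)
    findings: List[str] = []

    xcto = headers.get("x-content-type-options")
    if xcto is None:
        findings.append("X-Content-Type-Options header not found")
    else:
        undefined = [v for v in xcto
                     if v.split(",")[0].strip().lower() != "nosniff"]
        if undefined:
            findings.append(
                f"X-Content-Type-Options has undefined value(s): {undefined}")

    for name in BANNER_HEADERS:
        for value in headers.get(name, []):
            if VERSION_RE.search(value):
                findings.append(f"{name} discloses a version: {value}")
    return findings


if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print(finding)
```

On Apache with mod_headers the remediation is a single directive, `Header always set X-Content-Type-Options "nosniff"`, in the virtual host or .htaccess; `ServerTokens Prod` and PHP's `expose_php = Off` remove the two version banners the audit flags as a side effect.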

EmailAddress (2)

References

CWE-359OWASP2021-A01OWASP2017-A3

Description

An email address was found on the page. This can give an attacker clues as to who works at your company, which can be used for guessing authentication credentials (the local part of an address is often also the username) or for targeted phishing, either of which can provide a toehold into the organisation.

Recommendation

Avoid exposing user private data.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: EmailAddress
Proof: XXXXXXXXXXXXXXXXXXXXXXX.com (address masked)
Replay Attack: Original Traffic

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: /; 2 Attack Variances)
INFORMATIONAL

Attack Type: EmailAddress
Proof: feedback@startbootstrap.com
Replay Attack: Original Traffic

Attack Type: EmailAddress
Proof: feedback@startbootstrap.com
Replay Attack: Original Traffic

Note that feedback@startbootstrap.com is the placeholder address shipped with the Start Bootstrap theme the contact page was built from, not a Hackazon staff address; it is still template residue that should be removed before deployment.

PhoneNumber (2)

References

CWE-359OWASP2021-A01OWASP2017-A3

Description

A phone number was detected in a page served by this site.

Recommendation

Avoid exposing user private data.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: PhoneNumber
Proof: XXXXXXXXXXX600< (number masked)
Replay Attack: Original Traffic

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: PhoneNumber
Proof: XXXXXXXXXXX999" (number masked)
Replay Attack: Original Traffic

InformationDisclosure (1)

References

OWASP2017-A6OWASP2021-A01CWE-201

Description

A path was found in the error information returned by the server. This can give an attacker clues as to the directory topology and setup of your web application.

Recommendation

Remove all references to local file-system paths from the web application's responses. For a PHP application this means turning display_errors off in production and sending errors to a server-side log (log_errors) instead, and returning a generic error page to the client.

CVSS Score

4.5 (Medium)

Vector String

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:U

http://hackazon.webscantest.com/twitter
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: InformationDisclosure
Proof: >/var/www/hackazon/classes/PHPixie/Auth/Login/Twitter.php
Replay Attack: Original Traffic
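The passive body checks behind the InformationDisclosure finding above and the EmailAddress finding earlier, as an added example that is not part of this report or of the scanner. It scans a response body for absolute file-system paths and e-mail addresses and masks any address it reports, the way the report itself does. Both sample bodies are constructed for the example: the path is the proof from the /twitter finding, but the error text around it is invented; the second body stands in for the /contact page using the address shown in that finding.

```python
import re
from typing import Dict, List

# Constructed sample bodies for this example. The path in the first one is
# the proof from the InformationDisclosure finding for /twitter; the error
# text around it is invented. The second stands in for the /contact page and
# uses the address shown in the EmailAddress finding.
SAMPLE_ERROR_BODY = (
    "<b>Warning</b>: something went wrong in "
    "<b>/var/www/hackazon/classes/PHPixie/Auth/Login/Twitter.php</b>"
)
SAMPLE_CONTACT_BODY = (
    '<p>Questions? <a href="mailto:feedback@startbootstrap.com">'
    "feedback@startbootstrap.com</a></p>"
)

# Absolute *nix paths under the directories where web roots, configs and
# code usually live; the look-behind keeps URL paths such as
# "http://host/var/x" from matching. Windows drive paths are a second pattern.
UNIX_PATH = re.compile(r"(?<![\w/])/(?:var|etc|home|usr|opt|srv|tmp)/[\w.\-/]+")
WIN_PATH = re.compile(r"\b[A-Za-z]:\\(?:[\w.\-]+\\)*[\w.\-]+")
EMAIL = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")


def mask_email(addr: str) -> str:
    """Mask an address the way the report does: everything but the TLD."""
    tld = addr.rsplit(".", 1)[-1]
    return "X" * (len(addr) - len(tld) - 1) + "." + tld


def scan_body(body: str) -> Dict[str, List[str]]:
    """Passive checks over one response body.

    Returns de-duplicated local file-system paths (InformationDisclosure) and
    e-mail addresses (EmailAddress), the latter masked so that a report of the
    finding does not itself republish the address.
    """
    paths: List[str] = []
    emails: List[str] = []
    for rx in (UNIX_PATH, WIN_PATH):
        for m in rx.finditer(body):
            if m.group(0) not in paths:
                paths.append(m.group(0))
    for m in EMAIL.finditer(body):
        masked = mask_email(m.group(0))
        if masked not in emails:
            emails.append(masked)
    return {"paths": paths, "emails": emails}


if __name__ == "__main__":
    for label, body in (("error page", SAMPLE_ERROR_BODY),
                        ("contact page", SAMPLE_CONTACT_BODY)):
        print(label, scan_body(body))
```

The path pattern is deliberately anchored to a short list of top-level directories; a bare `/.../...` pattern would fire on every URL path in the page and bury the real finding. Run the same scan over error responses in particular (4xx/5xx, and the short 163-byte /twitter response in the header findings above), since that is where frameworks leak paths.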

Reflection (4)

References

No references are available for this vulnerability.

Description

A dangerous character supplied in a request parameter (the probes below use < and ') was reflected unencoded in the response. On its own this is not an exploit; it indicates a potential cross-site scripting (XSS) vulnerability that needs to be confirmed with a payload suited to the context in which the value is rendered.

Recommendation

Encode all user-supplied data for the output context in which it is rendered (HTML body, attribute, JavaScript, URL) rather than stripping individual characters; in PHP, htmlspecialchars() with ENT_QUOTES covers the HTML body and attribute contexts.

CVSS Score

0

http://hackazon.webscantest.com/search
Root Cause: (Parameter: id; 3 Attack Variances)
INFORMATIONAL

Attack Type: Reflection
Original Value: water
Attack Value: x7hdizv2<x7hdizv2
Proof: x7hdizv2<x7hdizv2
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: data
Attack Value: x7cspn58'x7cspn58
Proof: x7cspn58'x7cspn58
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: data
Attack Value: x7cspn6c
Proof: x7cspn6c
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: Unnamed; 1 Attack Variance)
INFORMATIONAL

Attack Type: Reflection
Original Value: (empty)
Attack Value: x7l2pnj6
Proof: x7l2pnj6
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: first_name; 3 Attack Variances)
INFORMATIONAL

Attack Type: Reflection
Original Value: John
Attack Value: x7lbu8n7
Proof: x7lbu8n7
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: John
Attack Value: x7lbu8n2'x7lbu8n2
Proof: x7lbu8n2'x7lbu8n2
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: John
Attack Value: x7vztari'x7vztari
Proof: x7vztari'x7vztari
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: username; 3 Attack Variances)
INFORMATIONAL

Attack Type: Reflection
Original Value: x75uzqty
Attack Value: x7bnib89
Proof: x7bnib89
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: (empty)
Attack Value: x7o2psoz
Proof: x7o2psoz
Replay Attack: Original Traffic, Attack Traffic

Attack Type: Reflection
Original Value: x75v8o0e
Attack Value: x7wgn37s
Proof: x7wgn37s
Replay Attack: Original Traffic, Attack Traffic
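How the Reflection rows above are produced, and why "escape all dangerous characters" has to mean context-aware output encoding rather than character stripping, as an added example that is not part of this report, the scanner, or Hackazon. A canary of the shape the report shows (random token, dangerous character, same token) is pushed through three constructed stand-ins for a page that echoes a search parameter: one that echoes raw, one that only strips `<`, and one that encodes at output time. The parameter name `q` and the page templates are hypothetical; `render` stands in for the HTTP request the scanner would make.

```python
import html
import secrets
import string
from typing import Callable, Dict, List

DANGEROUS: List[str] = ["<", "'", '"']


def make_canary(dangerous: str) -> str:
    """Build a probe in the shape of the report's rows ("x7hdizv2<x7hdizv2"):
    a random token, the dangerous character, the same token again. Matching
    the whole string in the response proves the character came back
    unencoded; matching only the token would also fire on an escaped echo."""
    alphabet = string.ascii_lowercase + string.digits
    token = "x7" + "".join(secrets.choice(alphabet) for _ in range(6))
    return f"{token}{dangerous}{token}"


def probe_reflection(render: Callable[[str], str],
                     dangerous: List[str] = DANGEROUS) -> Dict[str, bool]:
    """Send one canary per dangerous character through `render` (stand-in for
    an HTTP request with the parameter set) and report which come back
    verbatim. True means the character was reflected unencoded."""
    results: Dict[str, bool] = {}
    for ch in dangerous:
        canary = make_canary(ch)
        results[ch] = canary in render(canary)
    return results


# Three constructed stand-ins for a server-side template that echoes a search
# parameter (the parameter name "q" is hypothetical). They model, in turn,
# the behaviour the report observed, a common half-fix, and the remediation.

def vulnerable_search_page(q: str) -> str:
    """Echoes the parameter raw into both an HTML text node and an attribute."""
    return (f'<h2>Search results for "{q}"</h2>\n'
            f'<input name="q" value="{q}">')


def partially_filtered_search_page(q: str) -> str:
    """Strips "<" only. Tag injection in the text node is gone, but the quote
    characters still break out of the value="..." attribute."""
    q = q.replace("<", "")
    return (f'<h2>Search results for "{q}"</h2>\n'
            f'<input name="q" value="{q}">')


def hardened_search_page(q: str) -> str:
    """Encodes for the HTML context at output time (PHP equivalent:
    htmlspecialchars($q, ENT_QUOTES, 'UTF-8')). & < > " ' all become entities."""
    safe = html.escape(q, quote=True)
    return (f'<h2>Search results for "{safe}"</h2>\n'
            f'<input name="q" value="{safe}">')


if __name__ == "__main__":
    for name, page in (("vulnerable", vulnerable_search_page),
                       ("partially filtered", partially_filtered_search_page),
                       ("hardened", hardened_search_page)):
        print(f"{name}: {probe_reflection(page)}")
```

The half-fix is the instructive case: the `<` probe stops firing, which is exactly what a scanner that only tested `<` would report as remediated, while `'` and `"` still land inside an attribute. That is why the report sends separate probes per character and why the fix belongs at the output sink, not in an input filter.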

HTTPUserAgent (7)

References

No references are available for this vulnerability.

Description

The server returns different content depending on the User-Agent request header. The most common reason to perform user-agent sniffing is to determine which type of device and browser is being used to access the resource in question. An attacker can use the same information to launch a more focused attack against a particular user, or to identify and attempt the attack deemed most likely to succeed.

Recommendation

To remove the risk associated with User-Agent sniffing, consider using a custom User-Agent string on the client, bearing in mind that a custom User-Agent may break functionality in some web applications. On the server side, confirm that the differing responses are presentation-only (a mobile or tablet layout) and that no authentication, rate-limiting or access-control decision keys on the User-Agent header, which the client controls.

CVSS Score

0

http://hackazon.webscantest.com/user/register
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/contact
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/category/view
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/user/login
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/faq
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (X11; Linux i686; rv:10.0) Gecko/20100101 Firefox/10.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/product/view
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/search
Root Cause: (Parameter: /; 3 Attack Variances)
INFORMATIONAL

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android 4.4; Mobile; rv:41.0) Gecko/41.0 Firefox/41.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

Attack Type: HTTPUserAgent
Original Value: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.24 Safari/537.36
Attack Value: Mozilla/5.0 (Android; Tablet; rv:40.0) Gecko/40.0 Firefox/40.0
Proof: HTTP/1.1 200 OK
Proof Description: Website generates a different response based on the User-Agent string
Replay Attack: Original Traffic, Attack Traffic

HtmlPrivacyCheck (2)

References

No references are available for this vulnerability.

Description

Natural persons may be associated with online identifiers such as cookie identifiers. These may leave traces which, particularly when combined with unique identifiers and other information received by servers, can be used to build profiles of natural persons and identify them. The web application does not notify users that it sets such cookies (the responses captured in the header findings above set a persistent visited_products cookie with a one-year Max-Age, for example).

Recommendation

Enforce a privacy policy and obtain consent from users before storing or retrieving any information on their computer.

CVSS Score

0

http://hackazon.webscantest.com/product/view?id=20
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: HtmlPrivacyCheck
Proof Description: Cookie Notification not Found
Replay Attack: Original Traffic, Attack Traffic

http://hackazon.webscantest.com/
Root Cause: (Parameter: /; 1 Attack Variance)
INFORMATIONAL

Attack Type: HtmlPrivacyCheck
Proof Description: Cookie Notification not Found
Replay Attack: Original Traffic, Attack Traffic

AnonymousAccessType (1)

References

CWE-284OWASP2021-A01

Description

The presence of this vulnerability allows any user to access or post content without providing a user name/password or security token challenge.

Recommendation

Disable Anonymous Authentication in the server configuration for resources that are meant to be restricted. For a public storefront the home page is expected to be reachable anonymously; the check that matters is that account and cart endpoints enforce authentication server-side rather than relying on links being hidden.

CVSS Score

0

http://hackazon.webscantest.com/
Root Cause: (Parameter: /; 2 Attack Variances)
INFORMATIONAL

Attack Type: AnonymousAccessType
Original Value: http://hackazon.webscantest.com/
Attack Value: http://hackazon.webscantest.com/
Replay Attack: Original Traffic, Attack Traffic

Attack Type: AnonymousAccessType
Original Value: http://hackazon.webscantest.com/
Attack Value: http://hackazon.webscantest.com/
Replay Attack: Original Traffic, Attack Traffic